eh

command module
v0.0.0-...-98ca5a1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 26, 2018 License: MIT Imports: 1 Imported by: 0

README

eh — Encrypted HCL

A small utility to encrypt and decrypt some of the values in .hcl files.

HashCorp configuration language is a great format for application config files.

Config files often include passwords, private keys, and other secrets. This utility can encrypt these values to protect them.

Install

go install github.com/agilebits/eh
eh help

Update

go get -u github.com/agilebits/eh
go install github.com/agilebits/eh

Encryption Options

There are two encryption options: "local" and "awskms".

The local option uses a master key that is stored in ~/.sm/masterkey file. A new masterkey is created on the first run. It could be shared within the team if the configuration file is checked into the version control system.

For apps running on AWS, the "awskms" option can be used. It is based on the KMS key that should be made available to the EC2 instances.

Reading Config in Apps

    configURL := "file://./config.hcl"
    config, err := secrets.Read(configURL)
	if err != nil {
        ...
	}

    hclObject, err := hcl.ParseBytes(contents)
	if err != nil {
        ...
	}

	var config MyAppConfig
	if err := hcl.DecodeObject(&config, hclObject); err != nil {
		...
	}

Notes

For more complex secret management options, check out Vault by HashiCorp and Docker Secrets.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.